Sometimes I need to take a break from posting what I usually write about so that I can consider changes to make to this blog. I have tried to keep myself busy by ensuring that I finish writing a good and informative post here at least once every two weeks. However, I understand the importance […]
After I wrote a review of the first two chapters of the second edition of “Hacking: The Art of Exploitation” by Jon Erickson, I considered writing a review of the third chapter of it. Now that I have finished reading the third chapter of that book, which is the chapter on program exploitation, I review […]
Whenever there is a dispute between two parties, discovering all of the important facts regarding the dispute can be difficult. There are two sides to every story about disputes between two parties. Those on one side of the dispute may accuse those on the other side of it of not being perfectly honest when giving […]
In the last entry that I wrote here, I mentioned the XSS worm that affected Twitter. In this entry, I describe this worm in greater detail. In addition, I explain what can be done by end users so that they can avoid being victims of attacks such as these. This worm infected the profiles of […]
It seems that nearly every website that has a form for logging into it includes an option for having the website “remember” the user. Some users find it convenient to be “remembered” by sites, as when they are remembered, they will not need to enter their usernames and passwords as often. However, there are disadvantages […]
I try not to bore those who would read what I write. Therefore, I consider it at least somewhat important to make the material that I write here at least somewhat entertaining. For that reason, I wanted to write a post here that would be considered humorous. I have had some difficulty in trying to […]
The tradeoff between security and convenience is one that users often face when browsing the web. Those who prefer security at the expense of convenience would prefer to use the Firefox extension called NoScript, which is an extension whose name emphasizes the measures it takes to secure the browser. There are those who would say […]
It was almost a year ago that I quickly wrote a Greasemonkey user script titled “Web Form Data Analyzer.” This script, which can be found here, is one that modifies the action attributes of <form> tags of web pages so that submitted form data is redirected to a page that displays exactly what data gets […]
Monday, February 16, 2009
I sometimes take time to visit XSSed.com to see if any high profile websites are, or had been, vulnerable to XSS attacks. I also look to see how long it takes websites to remove vulnerabilities to XSS attacks. High profile websites such as Google and Facebook tend to have these vulnerabilities removed within short periods […]
I have mentioned before that the software that I have written is written primarily for myself. However, I sometimes gradually lose interest in using the software that I wrote for myself. When this happens, I am not as likely to discover errors in what I wrote. Therefore, those who use what I wrote test my […]